After quite some time and work, I’m happy to announce the new release of the Linux Heap Analysis Plugins, which are now part of the Rekall project, but not yet part of an official Rekall release, so you have to grab them manually.
This release fixes several bugs and adds the following features:
Continue reading “New Release of Glibc Heap Analysis Plugins”
Tag: glibc
DFRWS USA 2017
As mentioned in my last blogpost, I had the pleasure of participating in this year's DFRWS USA and presenting our paper. The paper and presentation can be freely viewed and downloaded here or here. Note that there is also an extended version of the paper, which can be downloaded here.
The keepassx, zsh and heap analysis plugins are now also part of the Rekall release candidate 1.7.0RC1, so it’s easier to get started.
The conference had some great talks and workshops, which I’m going to briefly sum up.
Continue reading “DFRWS USA 2017”
Release of Glibc Heap Analysis Plugins for Rekall
I’m happy to announce the release of several Glibc heap analysis plugins (for Linux), as well as plugins to gather information from keepassx and zsh, which are now included in the Rekall Memory Forensic Framework. This blogpost will demonstrate these plugins and explain how they can be used. More detailed information, including real-world scenarios, will be released after the talk at this year's DFRWS USA.
Continue reading “Release of Glibc Heap Analysis Plugins for Rekall”